Try to improve the documentation concerning the "tun" interface. Take note

that that kernel module must be loaded and IP forwarding enabled. Also add
slight improvements to the "tunconfig" script so that sudo /sbin/ifconfig
and sudo /sbin/iptables are really supported for current user if not root.
This commit is contained in:
gbeauche 2005-05-14 16:08:17 +00:00
parent 722eedd6e2
commit fd61ad2b0c
2 changed files with 38 additions and 9 deletions

View File

@ -442,6 +442,12 @@ ether <ethernet card description>
instead of sending packets via physical media writes them to
the user space program.
Prerequesties:
- Make sure the "tun" kernel module is loaded
# modprobe tun
- Make sure IP Fordwarding is enabled on your system
# echo 1 >/proc/sys/net/ipv4/ip_forward
A virtual network configuration script is required and the
default is /usr/local/BasiliskII/tunconfig unless you specify
a different file with the "etherconfig" item.

View File

@ -11,13 +11,23 @@
# If the linux box is configured as a firewall, the rules below might
# need some adjustments.
#
# The IP Tunnel driver requires IP forwarding to be enabled. Run as root:
#
# echo 1 >/proc/sys/net/ipv4/ip_forward
#
###########################################################################
SUDO=/usr/bin/sudo
IFCONFIG=/sbin/ifconfig
IPTABLES=/sbin/iptables
#########################################################
[[ "x$1" = "x-n" ]] && {
DONT_EXECUTE=yes
shift 1
}
TUN_DEV=$1
ACTION=$2
@ -31,7 +41,7 @@ TUN_HOST=172.20.$NET_NUM.1
#########################################################
[[ $# = 2 ]] || {
echo "Usage: tunconfig iface up|down"
echo "Usage: tunconfig [-n] iface up|down"
exit 2
}
@ -40,13 +50,26 @@ TUN_HOST=172.20.$NET_NUM.1
SUDO=""
}
[[ -x $IPTABLES ]] && {
IPTABLES="$SUDO $IPTABLES"
} || {
[[ -x $IPTABLES ]] || {
echo "---> $IPTABLES not found." 1>&2
IPTABLES=/bin/true
exit 1
}
if [ -n "$SUDO" ]; then
$SUDO -l | grep -q "NOPASSWD: $IFCONFIG" || {
echo "---> Missing sudo NOPASSWD: $IFCONFIG." 1>&2
exit 1
}
$SUDO -l | grep -q "NOPASSWD: $IPTABLES" || {
echo "---> Missing sudo NOPASSWD: $IPTABLES." 1>&2
exit 1
}
IFCONFIG="$SUDO $IFCONFIG"
IPTABLES="$SUDO $IPTABLES"
fi
[[ "x$DONT_EXECUTE" = "xyes" ]] && exit 0
$IPTABLES -L -n -t nat > /dev/null || exit 1
#########################################################
@ -62,7 +85,7 @@ $IPTABLES -L -n -t nat > /dev/null || exit 1
#########################################################
[[ "$ACTION" = down ]] && {
$SUDO /sbin/ifconfig $TUN_DEV down
$IFCONFIG $TUN_DEV down
}
#########################################################
@ -70,7 +93,7 @@ $IPTABLES -L -n -t nat > /dev/null || exit 1
#########################################################
[[ "$ACTION" = up ]] && {
$SUDO /sbin/ifconfig $TUN_DEV $TUN_HOST
$IFCONFIG $TUN_DEV $TUN_HOST
# masquerade the tun network
$IPTABLES -t nat -A POSTROUTING -s $TUN_NET -d ! $TUN_NET -j MASQUERADE